Lucene search
K

3068 matches found

Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.7 views

PT-2026-28268

Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files. This issue affects IDM SCIM Driver: 1.0.0.0000 through...

7.3CVSS5.9AI score0.00109EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/26 12:30 a.m.3 views

EUVD-2025-209038

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...

4CVSS5.8AI score0.00135EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 10:16 p.m.10 views

CVE-2025-36187

IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...

4.4CVSS0.00153EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 10:16 p.m.6 views

CVE-2025-14684

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...

4CVSS0.00135EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/25 9:26 p.m.5 views

CVE-2025-36187

IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...

4.4CVSS5.8AI score0.00153EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/25 9:26 p.m.1 views

CVE-2025-36187 Multiple Security vulnerabilities affecting IBM Knowledge Catalog Standard Cartridge

IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...

4.4CVSS6AI score0.00153EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/25 9:22 p.m.5 views

CVE-2025-14684

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...

4CVSS5.8AI score0.00135EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.4 views

PT-2026-28132

Name of the Vulnerable Software and Affected Versions IBM Knowledge Catalog Standard Cartridge versions 5.0.0 through 5.0.3 IBM Knowledge Catalog Standard Cartridge versions 5.1 through 5.1.3 IBM Knowledge Catalog Standard Cartridge versions 5.2.0 through 5.2.1 Description The software stores...

4.4CVSS6.1AI score0.00153EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.4 views

VMware Cloud Foundation SDDC Manager Information Disclosure (VMSA-2022-0003)

The remote host is running a version of VMware Cloud Foundation prior to 3.11 or prior to 4.3.1.1. It is, therefore, affected by an information disclosure vulnerability: - VMware Cloud Foundation contains an information disclosure vulnerability due to the logging of credentials in plain-text with...

4.9CVSS5.9AI score0.00778EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/13 12:0 a.m.4 views

SAP NetWeaver AS ABAP Missing Authorization Check (3704740)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a missing authorization check vulnerability as referenced in the SAP Security Patch Day March 2026: - Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticat...

5CVSS6AI score0.0023EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/11 7:8 a.m.5 views

CVE-2026-27688

Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function module. The attacker with the necessary privileges to execute this function module could potentially...

5CVSS5.9AI score0.0023EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.5 views

Lenovo Filez 安全漏洞

Lenovo Filez is an enterprise cloud storage service provided by Lenovo Corporation. Lenovo FileZ has a security vulnerability, which stems from the possibility for locally authenticated users under certain conditions to retrieve sensitive data stored in log files...

2.8CVSS5.8AI score0.00093EPSS
Exploits0References1
NVD
NVD
added 2026/03/10 10:16 p.m.5 views

CVE-2026-31817

OliveTin gives access to predefined shell commands from a web interface. Prior to 3000.11.2, when the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the...

8.5CVSS0.00712EPSS
Exploits1References1
OSV
OSV
added 2026/03/10 9:8 p.m.6 views

CVE-2026-31817 OliveTin's unsafe parsing of UniqueTrackingId can be used to write files

OliveTin gives access to predefined shell commands from a web interface. Prior to 3000.11.2, when the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the...

8.5CVSS6.1AI score0.00712EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/10 6:31 p.m.5 views

EUVD-2026-10463

Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function module. The attacker with the necessary privileges to execute this function module could potentially...

5CVSS5.9AI score0.0023EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/10 12:18 a.m.3 views

CVE-2026-27688 Missing Authorization check in SAP NetWeaver Application Server for ABAP

Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function module. The attacker with the necessary privileges to execute this function module could potentially...

5CVSS5.9AI score0.0023EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.7 views

PT-2026-24164

Name of the Vulnerable Software and Affected Versions SAP NetWeaver Application Server for ABAP affected versions not specified Description An authenticated attacker with user privileges may be able to read Database Analyzer Log Files due to a missing authorization check within a specific RFC...

5CVSS5.5AI score0.0023EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/03/09 12:0 a.m.3 views

CVE-2025-70040

An issue pertaining to CWE-532: Insertion of Sensitive Information into Log File was discovered in LupinLin1 jimeng-web-mcp v2.1.2. This allows an attacker to obtain sensitive information...

5.3CVSS5.8AI score0.00241EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/06 12:0 a.m.6 views

Cryptomator 安全漏洞

Cryptomator is a simple digital self-defense tool from the Cryptomator community. It is used to protect data. Versions of Cryptomator prior to 1.19.0 have security vulnerabilities; these vulnerabilities stem from the possibility of leaking plaintext paths into log files, which could lead to...

5.3CVSS5.8AI score0.00122EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/03 7:42 p.m.3 views

EUVD-2026-9313

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to writing of sensitive Information in a log file...

4.3CVSS5.9AI score0.0019EPSS
Exploits0References1
Rows per page
Query Builder